Job: CEO/Managing Partner Appsecure (Australia)
I've been involved with OWASP for nearly 10 years, and have worked within the organisation in many roles. Recently for a number of years, i've been the conference chair and organiser of the OWASP Asia Pacific/Australia conferences (most years). I worked extensively on the OpenSAMM project with Pravir, and have reviewed other recent projects. Previously i've written and run the Interceptor project for OWASP, and have been a chapter leader and organised many chapter and conference sessions across Australia and Asia Pacific. I've also presented at conferences around the world on Application Security, and spoken and been an evangelist for OWASP and Application Security at many conferences.
- OWASP Asia Pacific/Australia Conferences Chair & Organiser (2008, 2009, 2012)
- Founder of OWASP Brisbane Chapter
- Core Contributor to OpenSAMM Project
- Contributor to the OWASP WASS Project (Now PCI Project)
- Project Lead for OWASP Interceptor Project and SoC (now closed) if you're looking go use ZAP! Awesome tool
- Presentations at OWASP Conferences (Back as far as 2006)
- Presentations at OWASP Japan, China, Australia
- Member of the Global Conferences Committee (Previously)
- Helped to grow Australian Chapters including presentations at each Chapter
- Completed a number of external presentations on OWASP (Auscert, China Software Summit, Japan Developer Group - JAVA & .NET, US, Europe - OWASP)
LinkedIn Profile: Click Here
My OWASP Mission/Vision
To ensure OWASP continues to grow and is a transparent and Open organisation that has global reach across the Information Security and Development Communities.
I’ve been working with OWASP since 2002. During this time, I’ve seen a dramatic rise in the need for Application Security within the global industry. OWASP plays a critical role as an independent advisor to the community on topics of Application Security. I firmly believe that OWASP is the leading and only truly open resource on application security topics. It is the most globally trusted brand in this field. Historically, OWASP has tried to become a global organisation with some success. To be a truly global brand, we need to significantly increase our focus within the Asia Pacific Rim. This can be achieved through a top-down approach of representation on the board and core committees within the region.
The Asia Pacific region has a number of unique challenges. These include language, cultural and distance issues. The majority of OWASP members are from the US or UK geographies. To ensure a global reach, OWASP must meet these challenges head on. This involves growing local, country, and regional chapters. A program must be built to help language-specific translation of key OWASP project resources. OWASP must assist local chapters with planning local conferences, events, and coordinating international speakers. OWASP must also aide in evangelising the mission throughout the region.
We know that the OWASP brand is one of the most trusted brands in Application Security. It is critical that OWASP maintains transparency and be open to members and the community at large.
My key focus statements for OWASP are as follows:
- Global Outreach - Expanding Asia Pacific
To ensure adequate representation of Asia Pacific region within OWASP, OWASP should assist local regions with chapters, conferences and language translation.
- OWASP - Application Security Evangelism
I firmly believe that OWASP needs to spend more time with developers, project owners and businesses to deliver a few key messages. These messages emphasize that application security is relevant and important. The messages also need to illustrate the current threat landscape. We need to take our wealth of experience and information to the wider community by attending and presenting OWASP to the community outside of the Application/Information Security forum.
- OWASP Community
The OWASP Community is a critical resource that we should help continue to grow and expand with updated projects, new technologies and new approaches to solving the risks associated with application security. Firmly investing in these resources will ensure we continue to be recognised as the global leader.
- OWASP Transparency
With such a recognised brand, I believe transparency and openness of all activities within OWASP ensures that we remain as the “trusted source” of information within the industry.